Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2021-29474 - log back

CVE-2021-29474 edited at 26 Apr 2021 20:47:20

Severity

-	Unknown
+	Medium

Remote

-	Unknown
+	Remote

Type

-	Unknown
+	Information disclosure

Description

+	A security issue has been found in HedgeDoc before version 1.8.0. An attacker can read arbitrary .md files from the server's filesystem due to an improper input validation, which results in the ability to perform a relative path traversal.

References

+	https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-p528-555r-pf87

Notes

CVE-2021-29474 created at 26 Apr 2021 20:44:05